Client does not send FIN flag when using F5
Hey all,
We've been having a weird issue, so we have a test system using F5 which appears to have a 60 seconds delay closing the connection.
Traffic flow:
- Client (external) -> F5 -> redirect to internal server.
- F5 has an iRule to insert http header and then pass this to the server.
TCPDUMP shows a normal traffic from client to the server and back to the client (which all happens within seconds), however when the client gets back the response data (HTTP 1.1 200) and sends an ACK to the F5 (which then it passes on to the server). Then it just waits there for a good 60 seconds before the server finally sends a FIN ( I believe this is due to the TCP FIN timeout value on linux which is by default 60 seconds )
Here's the weird part:
Our vendor tested with Apache, and the 60 seconds delay does not happen. After sending ACK, the client immediately follows with a FIN flag which then close the connection properly.
Now we can't really say the code is bad on the vendor side since their argument is on apache it's working as intended (they code the application both on client and the server), so they're blaming it on the F5
Is there anything I can do from the F5 side?